package com.ktwlrj.securitycenter.interceptor;

import com.ktwlrj.core.constant.ResultCode;
import com.ktwlrj.core.util.ServletUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 权限拦截器
 *
 * @author lisc
 */
public class AuthInterceptor implements HandlerInterceptor {
    @Value("${app.open-auth}")
    private boolean openAuth;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
        if (!openAuth) {
            return true;
        }
        String token = null;
        token = request.getHeader("Authorization");
        if (StringUtils.isBlank(token)) {
            token = request.getParameter("Authorization");
        }
        if (StringUtils.isBlank(token)) {
            ServletUtils.writerResponse(ResultCode.AUTH_SESSION_TIMEOUT.getValue(), "授权过期,请刷新页面再次进入系统", response);
            return false;
        }
        return true;
    }
}
